Cross-chain router protocol Multichain has been exploited for nearly $130 million after an attacker siphoned capital out of numerous token bridges.
"The lockup assets on the Multichain MPC address have been moved to an unknown address abnormally," Multichain wrote on Twitter. "The team is not sure what happened and is currently investigating. It is recommended that all users suspend the use of Multichain services and revoke all contract approvals related to Multichain."
The unexpected outflows stripped Multichain’s Fantom bridge of nearly its entire holdings in wBTC, USDC, USDT and a handful of altcoins. Together, the assets were worth over $130 million. On-chain sleuths described the activity as highly unusual; Fantom Foundation CEO Michael Kong told CoinDesk he was “looking into it.”
Multichain has been under pressure for over a month because of failing tech and its AWOL CEO. The trio of unexplained outflows from Multichain’s Fantom, Moonriver and Dogecoin bridge contracts sparked fears on crypto Twitter that a hack could be afoot. Multichain could not immediately be reached for comment.
Binance CEO Changpeng 'CZ' Zhao said that the exploit does not impact Binance users.
"Looks like another hack happened on Multichain. This DOES NOT affect users on Binance itself. We have swapped all assets out and closed deposits a while back. Regardless, we offer our assistance in helping with the situation," CZ wrote on Twitter.
UPDATE (July 7, 2023, 09:17 UTC): Updates headline and adds context on the exploit throughout.